The company is putting security at the fore of their effort which aims to provide an end-to-end solution for controlling IoT products from Azure. With the Mirai botnet remaining a talking point two years after the unprecedented attack, it’s an opportune moment to launch such a security-first product.
In a blog post, Microsoft wrote:
“A device can disrupt and do damage on a larger scale. This is what happened with the 2016 Mirai botnet attack where roughly 100,000 compromised IoT devices were repurposed by hackers into a botnet that effectively knocked the U.S. East Coast off the Internet for a day.
It’s of paramount importance that we proactively address this emerging threat landscape with solutions that can keep pace as connected MCUs ship in billions of new devices every year.”
The project grew from a small team at Microsoft Research in 2015 which began exploring how the vast number of MCU (microcontroller) devices set to come online could be secured. Just a year later, the Mirai attack showed why their work is vital.
Microsoft Azure Sphere consists of three components:
Azure Sphere certified microcontrollers (MCUs): A new cross-over class of MCUs that combines both real-time and application processors with built-in Microsoft security technology and connectivity. Each chip includes custom silicon security technology from Microsoft, inspired by 15 years of experience and learnings from Xbox, to secure this new class of MCUs and the devices they power.
Azure Sphere OS: This OS is purpose-built to offer unequalled security and agility. Unlike the RTOSes common to MCUs today, our defense-in-depth IoT OS offers multiple layers of security. It combines security innovations pioneered in Windows, a security monitor, and a custom Linux kernel to create a highly-secured software environment and a trustworthy platform for new IoT experiences.
Azure Sphere Security Service: A turnkey, cloud service that guards every Azure Sphere device; brokering trust for device-to-device and device-to-cloud communication through certificate-based authentication, detecting emerging security threats across the entire Azure Sphere ecosystem through online failure reporting, and renewing security through software updates. It brings the rigor and scale Microsoft has built over decades protecting our own devices and data in the cloud to MCU powered devices.
The solution is currently in private testing with ‘select manufacturers’ but a full launch is due by the end of this year. Development kits will be available in summer.
What are your thoughts on Microsoft’s Azure Sphere solution for the IoT? Let us know in the comments.
thanks you RSS link